A KYC database sold on the Darkweb ? - page 2.

Oilacris

hero member

Activity: 2996

Merit: 609

Quote from: itarachiu on January 20, 2019, 12:57:12 PM

Quote from: coolcoinz on January 20, 2019, 11:28:38 AM

That's the weakness of KYC and we had a taste of it when facebook got hacked and another one when this forum's database got stolen. I miss the times when we could trade freely without having to deal with KYC on sites like bittrex and poloniex, but things change. Unfortunately, in most cases they change for the worse.
I used to be and still am against KYC and government agencies trying to oversee crypto trading, but reading the posts of some forum members here makes me thing that I'm in the minority.

VPN + download Google Auth for PC = No more KYC Cheesy

I tried as a test 1 year ago and I successfully bypass all KYC verifications, I forgot on which one of exchanges... it was one of the most popular.

How could you bypass a KYC verifications using only VPN and Google Auth? Aren't you aware what is KYC means? It just means that they want your real name and address while some of it asking for a any verified government ID's. Don't make KYC as easy as you think, it is not that simple.

creeps

full member

Activity: 742

Merit: 144

Quote from: boltz on January 29, 2019, 02:45:21 PM

Now this is a teaching lesson for those who are doing KYC in order to get some few coins and they don't even know that they are selling their data and photos of their ID's. Why do you belive in strangers in the first place? And why would you involve into small projects who are asking for KYC when they don't even pass the KYC themselves so think again next time before uploading your ID.

Its too risky to share your personal information and because of this many investors will doubt to come in if they are being asked to give their details. Bounties should not ask for this one or even the ICO’s not unless they already make their name in the market just like the top exchanges but I still think that there is still risk. If you want to be more private, then stop using facebook and other social sites.

adzino

copper member

Activity: 2968

Merit: 575

www.Crypto.Games: Multiple coins, multiple games

Good think I avoid sites that looks for KYC when joining the site. I always knew something like this might happen. No matter how secure they claim their service/exchange is, there is a slight chance the data might get hacked.
People should just be careful when handing over their KYC form, specially to those scammy ICOs. There are high chance that those failed project ICO will end up selling your data.

Veddi

newbie

Activity: 9

Merit: 0

People who don`t believe that, should just think about what is technically possible. Data is gold!
KYC is a piss take. Whoever is giving his identity away is just dumb and is "non compos mentis". KYC on crypto to fiat transfer. It´s ok, but not for bounties, ICO registering and withdrawing crypto from services (exchanges).

Thirdspace

hero member

Activity: 1232

Merit: 738

Mixing reinvented for your privacy | chipmixer.com

Quote from: gaston castano on January 29, 2019, 02:28:21 PM

If so, it means that those who have done KYC at the ICO are very vulnerable to losing their privacy,
because KYC from large markets like BITTREX and BINANCE are also traded, this is really bad

that's why many people against KYC on ICOs, airdrops, giveaways or anything which trying to collect personal data
they hide behind KYC/AML or fraud-prevention policy but most of them just want to get your info
and we know those exchanges was breached (I think) at onetime in the past,
but how can we tell those data are really originated from those exchanges?
it sounds like marketing gimmicks, while their real source is just from ICO and Airdrops

therhslv

sr. member

Activity: 1022

Merit: 264

Thats why i always trust only third party services with history proof in market . Ofcourse i did KYC in bittrex and other exchanges to withdraw funds , but hopefully nothing bad happens with my Identity =D If that proof is real that it was leaked ... Maybe somebody trying to earn some money with FAKE kyc documents

Ethan Craft

newbie

Activity: 10

Merit: 0

Since the recent news of hack, I had been researching on Custodial and non-custodial exchanges thinking that if funds are safe with me in my wallet I am safe. But, this a completely new thing to me that KYC database has been sold. Now, I think one need to only prefer Non-custodial exchange with no kyc.

I found that the following two Exchanges are Non-custodial as well as NO KYC required.
1. CoinSwitch.co
2. Changelly

It really scares me when I read all such discussions in forum. I have even been using Bitmex which is custodial but, till day did not face any major issue using there site.

Moshaid

copper member

Activity: 546

Merit: 1

News like this is what has discouraged some of my colleagues in joining the crypto space, although devs cannot be 100% perfect but in cases of kyc database daily maintenance and checks should be in place to tackle against situation like this. I'm not happy with this news because If this users details gets in other people hands it might be use for something dangerous.

Hueristic

legendary

Activity: 3836

Merit: 4969

Doomed to see the future and unable to prevent it

Still waiting on actual proof.

reality18

member

Activity: 938

Merit: 14

Earn more with Earn Network

The sales of customers' data to the dark web has been an issue for years now . It has now become lucrative to sell huge data to the dark web. This is the main reason why most online workers do not heed to the idea KYC. This sold information are normally used to send phishing emails to all participants with their data attached.

thesmallgod

full member

Activity: 1498

Merit: 129

This is really serious. No wonder a lot of people have condemned the idea of requesting for a document for KYC especially the ICO. Many of this people are faceless people who also hide their identity but they always want people to provide a document for KYC. I could not imagine amounts of a document in that hacker disposal that he went so low as giving 100 documents for 10 dollars. This will sound as a warning and reminder for investors and anyone else interested in crypto to be careful in giving out their documents most especially international passport.

Koobtcgal

full member

Activity: 714

Merit: 100

Acewins.io

Only the people who are unable of what hacked data could be used for always speak for KYCs. A majority of people on this platform are against KYC but it seems none can voice it out and even if it is voiced out, nothing can be done about it. This is one of the negative parts of the blockchain industry, there are no central agencies to oversee some of these activities. People do what they want.

SkustaClee

full member

Activity: 476

Merit: 100

There are disadvantages on participating in KYC and that''s why I never uploading my identity in not reliable exchanges. We should not do KYC if we want to protect our identity. The IDs that we upload are vulnerable to hackers.

abojamal

member

Activity: 322

Merit: 17

Quote from: kenzawak on January 20, 2019, 10:52:19 AM

Hacked Customer Data From World Leading Cryptocurrency Exchanges For Sale On The Dark Web?

https://www.ccn.com/hacked-customer-data-from-world-leading-cryptocurrency-exchanges-for-sale-on-the-dark-web/

"On a darknet market called “Dread,” a vendor going by “ExploitDOT” is attempting to sell user data from the know-your-customer (KYC) data top cryptocurrency exchanges ask for, required by most jurisdictions.

According to data shared with CCN, the hacker has an ad that has been online since July 2018, in which he claims to have hacked documents used in KYC checks – including identity cards and drivers’ licenses – from users of top exchanges like Bittrex, Poloniex, Bitfinex, and Binance.

The data is seemingly for sale for $10 per 100 documents or more, with discounts applying for those who buy in bulk, all the way up to $1 per 1,000 for an order of over 25,000. CCN was able to independently verify the ad on the dark web, which is still online. No links to it will be added to avoid promoting the service."

A few days ago, this also made news :

https://www.techspot.com/news/78317-leaked-database-exposes-87gb-emails-passwords.html

Stealing personal data is one of the worst consequences of kyc
The worst thing is that some airdrops ask kyc for some cents in the end
We must be very careful in dealing with our data.

ranman09

full member

Activity: 756

Merit: 112

Quote from: itarachiu on January 20, 2019, 12:57:12 PM

VPN + download Google Auth for PC = No more KYC Cheesy

I tried as a test 1 year ago and I successfully bypass all KYC verifications, I forgot on which one of exchanges... it was one of the most popular.

I think that is two-factor authentication you are referring to. It is not KYC. KYC or know your customer requires people to send legal documents that prove that they are real people.

boltz

legendary

Activity: 3346

Merit: 1203

Now this is a teaching lesson for those who are doing KYC in order to get some few coins and they don't even know that they are selling their data and photos of their ID's. Why do you belive in strangers in the first place? And why would you involve into small projects who are asking for KYC when they don't even pass the KYC themselves so think again next time before uploading your ID.

gaston castano

sr. member

Activity: 1526

Merit: 251

Quote from: bL4nkcode on January 20, 2019, 01:56:56 PM

Quote from: itarachiu on January 20, 2019, 12:57:12 PM

VPN + download Google Auth for PC = No more KYC Cheesy

I tried as a test 1 year ago and I successfully bypass all KYC verifications, I forgot on which one of exchanges... it was one of the most popular.

What kind of KYC procedure does that service/site have if it only needs google auth and VPN.

That's why KYC is bullsh*t from projects who want to run their ICO. ICO and mostly the scam once required KYC, then sold it to some people who needs personal info since data == money. I only do KYC to services I needed the most and a reputed service especially to convert crypto to fiat, but taking kyc to ICO or bounties or any shady exchange? Thanks but no thanks.

And this reddit user/hacker trying to sell them at very cheap price means that more people will get access of that info and possible, it will be leaked even in google. And after several time, this people who doesn't care their privacy will see their names used to scam someone in the internet because of identity theft.

If so, it means that those who have done KYC at the ICO are very vulnerable to losing their privacy,
because KYC from large markets like BITTREX and BINANCE are also traded, this is really bad

proTECH77

member

Activity: 1120

Merit: 30

Bisq Market Day - March 20th 2023

Security of these exchanges are very low or their flaws might have be know to the hacker or there must have be an insider that leaked out the information on the exchange. Though there are still speculations of the possibility of the exchange making deal for the sales of the customers database.

kissme09

full member

Activity: 658

Merit: 100

PayAccept - Worldwide payments accepted in seconds

Quote from: cokroalif on January 20, 2019, 11:18:54 AM

it's something scary, now KYC can also be hacked, I really don't think the darkweb site is really dangerous

everything is not as scary as what you think because I know that the team of these exchanges has worked so badly when it leaves customers' personal information stolen. Everything can be done by money so to avoid this situation exchanges should cooperate with a company that has KYC expertise and security to make things safer.

hxtop

hero member

Activity: 1071

Merit: 500

Sadly, "know your customer" issue became known by anybody . What a bad thing that for us. Our private data is on hackers' hand and they are gaining money by selling this data. Unfortunately, companies want to know very much about their customers and they have detailed database. As you know there is a principle which is called "the principle of least privilege" (PoLP). I think, this principle must be implemented strictly. By doing this, we are not going to be under thread, even though hackers reach to data, because this data is limited.

Topic: A KYC database sold on the Darkweb ? - page 2. (Read 18845 times)